Where's My Perry Security Vulnerabilities

CVE-2024-32525 WordPress Theme My Login plugin <= 7.1.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: from n/a through...

GEO my WordPress < 4.2 - Cross-Site Request Forgery

Description The GEO my WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to perform unauthorized actions via a...

Debian dsa-5663 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5663 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...

This Week in Spring - April 16th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm writing this from beautiful Paris, France, ahead of the amazing Devoxx France event. I've come to almost all of these events over the years. It's hard to believe it's been more than a decade since the show was first...

Argo CD's API server does not enforce project sourceNamespaces

Impact I can convince the UI to let me do things with an invalid Application. 1. Admin gives me p, michael, applications, , demo/ , allow, where demo can just deploy to the demo namespace 2. Admin gives me AppProject dev which reconciles from ns dev-apps 3. Admin gives me p, michael,...

Argo CD's API server does not enforce project sourceNamespaces

Impact I can convince the UI to let me do things with an invalid Application. 1. Admin gives me p, michael, applications, , demo/ , allow, where demo can just deploy to the demo namespace 2. Admin gives me AppProject dev which reconciles from ns dev-apps 3. Admin gives me p, michael,...

Crickets from Chirp Systems in Smart Lock Key Leak

The U.S. government is warning that "smart locks" securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock's maker Chirp Systems remains unresponsive, even though it was first notified about the critical.....

Frameless-Bitb - A New Approach To Browser In The Browser (BITB) Without The Use Of Iframes, Allowing The Bypass Of Traditional Framebusters Implemented By Login Pages Like Microsoft And The Use With Evilginx

A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft. This POC code is built for using this new BITB with Evilginx, and a Microsoft Enterprise phishlet. Before diving deep into this, I.....

CVE-2024-32097

Cross-Site Request Forgery (CSRF) vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through...

CVE-2024-32097

Cross-Site Request Forgery (CSRF) vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through...

CVE-2024-32097 WordPress GEO my WordPress plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through...

Moodle 3.10.1 SQL Injection

...

Exploit for Cross-site Scripting in Cpanel

CVE-2023-29489 exploit This script can exploit many...

Exploit for CVE-2024-24576

[CVE-2024-24576](https://nvd.nist.gov/vuln/detail/CVE-2024-245......

PortSwigger Web Security: Incorrect logic when buy one more license which may lead to extend the expire date of existing license

Hi Team, I noticed a bug in the licenses which may lead to extend the expire date of existing license. To be honest, it is hard for me to reproduce it. I was plan to see if the license still works after ███████. I think it's better to report this issue to you althought it may prove it is just a...

Debian dsa-5658 : affs-modules-6.1.0-11-4kc-malta-di - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5658 advisory. A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in...

Friday Squid Blogging: The Awfulness of Squid Fishing Boats

It's a pretty awful story. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...

Exploit for CVE-2023-45288

PoC for CVE-2023-45288 This is a proof-of-concept code for...

Demo My WordPress < 1.1.0 - Unauthenticated Privilege Escalation

Description The Demo My WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.9.1. This is due to insufficient verification on privilege assignment. This makes it possible for unauthenticated attackers to gain elevated access to a vulnerable....

Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - (sort) parameter Exploit

...

Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - &quot;sort&quot; parameter

...

Why CISA is Warning CISOs About a Breach at Sisense

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense....

Exploit for CVE-2023-6319

Root my webOS TV A simple python script that starts a telnet...

The internet is already scary enough without April Fool’s jokes

I feel like over the past several years, the "holiday" that is April Fool's Day has really died down. At this point, there are few headlines you can write that would be more ridiculous than something you'd find on a news site any day of the week. And there are so many more serious issues that are.....

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 193 vulnerabilities disclosed in 154...

Cosign malicious artifacts can cause machine-wide DoS

Maliciously-crafted software artifacts can cause denial of service of the machine running Cosign, thereby impacting all services on the machine. The root cause is that Cosign creates slices based on the number of signatures, manifests or attestations in untrusted artifacts. As such, the untrusted.....

Cosign malicious artifacts can cause machine-wide DoS

Maliciously-crafted software artifacts can cause denial of service of the machine running Cosign, thereby impacting all services on the machine. The root cause is that Cosign creates slices based on the number of signatures, manifests or attestations in untrusted artifacts. As such, the untrusted.....

AIX is vulnerable to email spoofing due to sendmail (CVE-2023-51765)

IBM SECURITY ADVISORY First Issued: Thu Apr 11 15:33:45 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/sendmail_advisory4.asc Security Bulletin: AIX is vulnerable to email spoofing due to sendmail (CVE-2023-51765)...

AIX is affected by multiple vulnerabilities due to Python (CVE-2023-52425 CVE-2023-52426 CVE-2023-6597)

IBM SECURITY ADVISORY First Issued: Thu Apr 11 15:29:16 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/python_advisory8.asc Security Bulletin: AIX is affected by multiple vulnerabilities due to Python (CVE-2023-52425,...

Microsoft’s April 2024 Patch Tuesday includes two actively exploited zero-day vulnerabilities

The April 2024 Patch Tuesday update includes patches for 149 Microsoft vulnerabilities and republishes 6 non-Microsoft CVEs. Three of those 149 vulnerabilities are listed as critical, and one is listed as actively exploited by Microsoft. Another vulnerability is claimed to be a zero-day by...

SAP NetWeaver AS Java Information Disclosure (April 2024)

SAP NetWeaver Application Server for Java is affected by an information disclosure vulnerability. 'Self-Registration' and 'Modify your own profile' in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer....

SAP NetWeaver SSRF (April 2024)

SAP NetWeaver is affected by a server-side request forgery (SSRF) vulnerability. Due to insufficient input validation, SAP NetWeaver application (tc~esi~esp~grmg~wshealthcheck~ear) allows an unauthenticated attacker to send crafted requests from a vulnerable web application targeting internal...

SAP NetWeaver AS ABAP DoS (April 2024)

The remote SAP NetWeaver ABAP server may be affected by a denial of service (DoS) vulnerability. The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to.....

SAP BusinessObjects Business Intelligence Platform Information Disclosure (3421384)

The version of SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is affected by an information disclosure vulnerability. Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system....

Introducing the Digital Footprint Portal

Digital security is about so much more than malware. That wasn’t always the case. When I started Malwarebytes more than 16 years ago, malware was the primary security concern—the annoying pop-ups, the fast-spreading viruses, the catastrophic worms—and throughout our company’s history,...

Exploit for CVE-2024-24576

CVE-2024-24576 PoC The Command::arg and...

Exploit for CVE-2024-24576

CVE-2024-24576 PoC The Command::arg and...

CVE-2024-30216

Cash Management in SAP S/4 HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, attacker can add notes in the review request with 'completed' status affecting the integrity of the...

CVE-2024-30218

The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on...

CVE-2024-30217

Cash Management in SAP S/4 HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can approve or reject a bank account application affecting the integrity of the application....

CVE-2024-30217

Cash Management in SAP S/4 HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can approve or reject a bank account application affecting the integrity of the application....

CVE-2024-30216

Cash Management in SAP S/4 HANA does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, attacker can add notes in the review request with 'completed' status affecting the integrity of the...

CVE-2024-30218

The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads to a considerable impact on...

CVE-2024-30215

The Resource Settings page allows a high privilege attacker to load exploitable payload to be stored and reflected whenever a User visits the page. In a successful attack, some information could be obtained and/or modified. However, the attacker does not have control over what information is...

CVE-2024-30215

The Resource Settings page allows a high privilege attacker to load exploitable payload to be stored and reflected whenever a User visits the page. In a successful attack, some information could be obtained and/or modified. However, the attacker does not have control over what information is...

CVE-2024-30214

The application allows a high privilege attacker to append a malicious GET query parameter to Service invocations, which are reflected in the server response. Under certain circumstances, if the parameter contains a JavaScript, the script could be processed on client...

CVE-2024-30214

The application allows a high privilege attacker to append a malicious GET query parameter to Service invocations, which are reflected in the server response. Under certain circumstances, if the parameter contains a JavaScript, the script could be processed on client...

CVE-2024-28167

SAP Group Reporting Data Collection does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, specific data can be changed via the Enter Package Data app although the user does not have sufficient authorization...

CVE-2024-28167

SAP Group Reporting Data Collection does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, specific data can be changed via the Enter Package Data app although the user does not have sufficient authorization...

CVE-2024-27898

SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request...